Healthcare Data Breaches due to Email Attacks Continue to Increase

By the Numbers – Breaking Down the HHS Breach Database

Although the calendar has turned from 2017 to 2018, the headlines for data breaches resulting from email attacks aren’t all that different from last year. In early January we learned of a significant breach at Florida Medicaid that started with an employee who, according to Fortune, “fell for a malicious phishing email.” Unfortunately, the details of up to 30,000 patients may have been exposed. This isn’t that different from 2017: according to the HHS Breach Notification Database, there were 74 events last year that exposed over 10,000 patient records. I’m willing to bet that the Medicaid breach will be one of many headlines as the days of 2018 tick by.

The notification database also gives an interesting insight into the rate of breaches. The chart below shows by quarter the total number of patients impacted (orange columns) and the number of incidents (blue line). What immediately jumps out at me is that the number of incidents rose steadily for a full year, from the third quarter of 2016 until the third quarter of 2017. There was then a modest pullback to 84 incidents in the fourth quarter of 2017, but that is still a 121% increase from the same quarter in 2016! Looking at the total number of patient records yields a slightly different story. The three events that impacted the most patient records were all in 2016, with a 2.2 million record breach recorded in March and over 7 million records in August of 2016. Thankfully we haven’t seen a breach of this magnitude for some time.

Looking primarily at email as the location for breaches shows the importance of email security for CIOs and CISOs at healthcare companies. There were just over 64,000 patient records exposed via email breaches in all of 2016, and over 65,000 records exposed in the fourth quarter of 2017 alone! The number of incidents has also gone up considerably, with an increase of 467% in 2017 compared to 2016.

We’re also seeing survey data that shows CISOs and CIOs at healthcare organizations expect data breaches and attacks to increase in the future. In a recent Ponemon survey, What CISOs Are Worried About in 2018, almost 70% believe their organization is more likely to fall victim to a cyberattack or data breach in 2018. This jibes with a recent survey Mimecast conducted with HIMSS Analytics that found 97% of respondents are concerned with cybersecurity and resilience. And 87% expect threats to either increase or significantly increase in the future, despite coming off a notoriously difficult year that saw major ransomware attacks like WannaCry and Petya/NotPetya. In fact, in the Mimecast survey, email was overwhelmingly considered the most likely source for a potential breach – receiving more first-place votes than all other categories combined.